Project JEDI - Issue Tracker
Mantis Bugtracker

Viewing Issue Simple Details Jump to Notes ] View Advanced ] Issue History ] Print ]
ID Category Severity Reproducibility Date Submitted Last Update
0006570 [JEDI VCL] 00 JVCL Components crash always 2017-05-08 15:43 2017-05-08 15:43
Reporter rarog View Status public  
Assigned To
Priority normal Resolution open  
Status new   Product Version Daily / GIT
Summary 0006570: JvMemoryData easilly corrupts buffer when using many fields
Description TJvMemoryData.InitFieldDefsFromFields can easily corrupt the buffer without throwing any error.

The problem root is in this line:
Inc(Offset, CalcFieldLen(DataType, Size) + 1);

It just increases the offset without checking, if it causes a cycle getting an overflow when reaching values over 65535.

To reproduce it, it should be enough to load a data with 22 WideString fields. Each of them is initialised by default to hold 1500 chars, each char takes 2 bytes.
So 1500 * 2 * 22 = 66000 resulting in the buffer to be in between and corrupt memory.
Additional Information
Tags No tags attached.
Attached Files

- Relationships

There are no notes attached to this issue.

- Issue History
Date Modified Username Field Change
2017-05-08 15:43 rarog New Issue


Mantis 1.1.6[^]
Copyright © 2000 - 2008 Mantis Group
Powered by Mantis Bugtracker